diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 15:47:53 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 15:47:53 +0200 |
commit | 57b924820eb68766ff307bf9efd9f1d318dd0a34 (patch) | |
tree | 161f76920f61edbe4b748cb3e9317d731ba9a726 /retired/CVE-2018-10021 | |
parent | 640652abe2d9a7d6c4c9c1bc307ec9b3b9f49993 (diff) |
Retire some issues
Diffstat (limited to 'retired/CVE-2018-10021')
-rw-r--r-- | retired/CVE-2018-10021 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2018-10021 b/retired/CVE-2018-10021 new file mode 100644 index 00000000..7b66a887 --- /dev/null +++ b/retired/CVE-2018-10021 @@ -0,0 +1,16 @@ +Description: scsi: libsas: defer ata device eh commands to libata +References: + https://bugzilla.suse.com/show_bug.cgi?id=1089281#c1 +Notes: + carnil> Negligable security impact, failure can only occur for physically + carnil> proximate attackers who unplug SAS Host Bus Adapter cables. + bwh> The vulnerable code was added in Linux 3.4. +Bugs: +upstream: released (4.16-rc7) [318aaf34f1179b39fa9c30fa0f3288b645beee39] +4.9-upstream-stable: released (4.9.103) [e420d98384760f55ffac9951b9b5cccbf2edd752] +3.16-upstream-stable: released (3.16.58) [scsi-libsas-defer-ata-device-eh-commands-to-libata.patch] +3.2-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.15.17-1) [bugfix/all/scsi-libsas-defer-ata-device-eh-commands-to-libata.patch] +4.9-stretch-security: released (4.9.107-1) +3.16-jessie-security: released (3.16.59-1) +3.2-wheezy-security: N/A "Vulnerable code not present" |